Navigation :

Kubernetes GCP Detect Sensitive Object Access

Description

This search provides information on Kubernetes accounts accessing sensitve objects such as configmaps or secrets

Help
Kubernetes GCP Detect Sensitive Object Access Help You must install splunk add on for GCP . This search works with pubsub messaging service logs.

Help

Kubernetes GCP Detect Sensitive Object Access Help

You must install splunk add on for GCP . This search works with pubsub messaging service logs.

Search
`google_gcp_pubsub_message` data.protoPayload.authorizationInfo{}.resource=configmaps OR secrets \| table data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name data.protoPayload.request.metadata.namespace data.labels.authorization.k8s.io/decision \| dedup data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name \|`kubernetes_gcp_detect_sensitive_object_access_filter` Open in Search

Search

`google_gcp_pubsub_message` data.protoPayload.authorizationInfo{}.resource=configmaps OR secrets  | table data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name data.protoPayload.request.metadata.namespace data.labels.authorization.k8s.io/decision | dedup data.protoPayload.requestMetadata.callerIp src_user data.resource.labels.cluster_name |`kubernetes_gcp_detect_sensitive_object_access_filter`

Open in Search